<?php

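/**
 * Base controller that runs a session check and a per-operation permission
 * check in its constructor.
 *
 * NOTE(review): both checks are evaluated, but the branches that would reject
 * the request are commented out, so this class currently enforces nothing.
 * Unless access control is applied elsewhere, every controller that extends
 * this class is reachable without a session and without the operation being
 * granted. Re-enable the rejections before relying on this class.
 */
class CommonController extends Controller{

	/**
	 * Runs the parent constructor, then the authentication and permission checks.
	 */
	public function __construct(){
		parent::__construct();
		if(!$this->auth()){
			// NOTE(review): rejection disabled, so an unauthenticated request continues.
			// When re-enabling, confirm jsonError() stops the request; otherwise
			// the constructor returns normally and the action still runs.
			//$this->jsonError('You do not have login permission yet');
		}
		
		if(!$this->permission()){
			// NOTE(review): rejection disabled, so a request without the permission continues.
			//$this->jsonError('You do not have permission for this operation yet');
		}
	}

	/**
	 * Reports whether the session carries a truthy `uid`.
	 *
	 * @return bool true when $_SESSION['uid'] is set and non-empty
	 */
	private function auth(){
		// !empty() gives the same truthiness as the old (boolean) cast, but does
		// not raise an "undefined index" notice when no uid is in the session.
		return !empty($_SESSION['uid']);
	}
	
	/**
	 * Checks whether the current user's group grants the requested operation.
	 *
	 * The operation name is "<Controller>.<action>", built from the `controller`
	 * and `action` query parameters (defaults: `home` / `index`). Operations on
	 * the whitelist are allowed for everyone; any other operation must appear in
	 * the comma-separated `permissions` column of the user's group.
	 *
	 * NOTE(review): the name is derived from $_GET here. Confirm the router
	 * resolves the controller and action from the same values, with the same
	 * casing, or the operation checked may differ from the one executed.
	 *
	 * @return bool true when the operation is whitelisted or granted
	 */
	private function permission(){
		$action = (isset($_GET['action']) ? $_GET['action'] : 'index');
		$controller = (isset($_GET['controller']) ? $_GET['controller'] : 'home');

		// Query parameters can arrive as arrays (?action[]=x). Deny them here
		// rather than passing them to ucfirst() and string concatenation.
		if(!is_string($action) || !is_string($controller)) return false;

		$controller = ucfirst($controller);
		// A missing session uid becomes 0 without raising a notice.
		$uid = (isset($_SESSION['uid']) ? (int) $_SESSION['uid'] : 0);

		$operation = $controller.'.'.$action;

		// Operations that skip the group lookup entirely.
		$white = array('Auth.gen');
		if(in_array($operation, $white, true)) return true;

		// $uid was cast to int above; that cast is what makes interpolating it
		// into the SQL text safe. Do not place any other request data in it.
		$query = "SELECT g.`permissions` as `permissions` FROM `user` u LEFT JOIN `group` g ON u.`group`=g.`id` WHERE u.`id`={$uid} LIMIT 1";
		$db = $this->loadSqlite('bamboo');
		$row = $db->getOne($query);
		if(empty($row)) return false;

		// The LEFT JOIN yields a NULL permissions value for a user without a
		// matching group. Treat that as "no permissions" before explode().
		if(!isset($row['permissions']) || $row['permissions'] === '') return false;
		$permissions = explode(',', $row['permissions']);

		// Strict comparison: only an exact string match grants the operation.
		return in_array($operation, $permissions, true);
	}
}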

?>